Description -------------------- The OrderSys system was originally developed at an academic research laboratory to simplify the filling of order forms that could be printed for handing over to a departmental office which processed the orders. The details for items and vendors, and order histories, could be stored in tables of a MySQL database, thereby saving time and effort of looking up catalog numbers, price, etc., budgeting, order follow ups, and preventing unnecessary ordering as well as illegibilities inherent to handwritten ordering. The system can be easily used for other purposes.

Details -------------------- OrderSys is affected by XSS and SQL Injection vulnerabilities in version 1.6.4.

About Netsparker -------------------- Netsparker® can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in all web applications regardless of the platform and the technology they are built on. Netsparker's unique detection and exploitation techniques allows it to be dead accurate in reporting hence it's the first and the only False Positive Free web application security scanner.